From the Security Experts

July 19, 2013

Secure SIP Trunking: Gain the Best of Advanced Services without the Danger

By SIP Trunking Report Editor at Large

SIP Trunking may not be a brand new technology, but not all communications providers and certainly customers have made the move.

One big issue is security, with those without SIP-based services warning that the technology isn’t safe, that because it is based on IP, it can be hacked the same way our IP network can.

Perhaps that is true, but the maturity levels of tools that protect IP networks is extremely high – and SIP can be just as safe, if not more so, than the T-1, ISDN and other legacy connections.

SIP, which stands for Session Initiation Protocol, is an advanced way of delivering services, in part by supporting multicast. This mean that video, voice, data and other items can all move simultaneously across IP networks. This is a huge enabler for applications such as Unified Communications (UC) which combines voice with IM, conferencing, presence and tight integration with key productivity applications. 

Image via Shutterstock

The Security Rub

While SIP Trunking, which is how SIP can be delivered, is clearly compelling, security hold it back the same way these fears keep many off the cloud.

IntelePeer believes SIP can be highly secure and makes it its business to make it so.

In a recent TMC webinar, IntelePeer’s senior director of product management Neil Griffiths explained just how to make SIP secure so you can optimize your performance and open up a whole world of SIP features.

IntelePeer believes applying old approaches to newer technologies such as SIP is a big mistake. “Securing communications has historically required costly and inflexible dedicated connections such as ISDN PRI circuits. With the growth of VoIP and SIP Trunking, this security model has been applied to the IP network in the form of dedicated IP network connections using a variety of techniques including MPLS and GigE, limiting deployment flexibility and extending provisioning times. In many cases, this inflexible approach reduces many of the promised benefits of IP communications,” explained SIP vendor IntelePeer. Griffith’s agrees that security, if not handled properly, is a concern for SIP providers. Poor security can lead to privacy invasions, identity theft, toll card, credit card fraud, and compromised voice mail and PBXs.

But having the right strategy and vendor partners can negate these and other threats. You need encryption, obviously, certificates, as well as the ability to detect incongruous calling patterns and spoofed or otherwise unauthorized IP addresses.

When looking at SIP vendors, this encryption and other security features should be built in, and not cost extra.

One item to demand, Griffith advises, is that the vendor be certified for TLS.SRTP SIP security and that this certification be given by an outside body. Also look for proactive monitoring to stop toll fraud.

With these all in hand, SIP can be fully secure even over the public network.

The Webinar SIP Security: Optimize Performance with Minimal Risk took place June 19, and looked at “the latest hardware- and software-based solutions for securing and encrypting SIP trunks, enabling enterprises to leverage increased functionality and flexibility, and improved economics of over the top SIP Trunk deployment models while complying with corporate security policies and avoiding TDoS attacks.” Webinar information can be found here.

More information on SIP Trunking can also be found at

Edited by Rich Steeves